[Samba] Samba/LDAP RID assignment

E.V. Suprun sev at bsuir.by
Thu Oct 11 14:55:29 GMT 2007

We've got SAMBA 3.0.23d / LDAP PDC using smb-ldap-tools. smb.conf

add user script = /opt/IDEALX/sbin/smbldap-useradd "%u"

A new user may be added to the domain by various ways, e.g:

1. from a Windows workstation of an administrator:
2. from the server shell: smbldap-useradd "a_new_user";
 then net rpc -Uroot add user a_new_user;
3. from the server shell: smbldap-useradd "a_new_user";
 then smbpasswd -a a_new_user;

In any case, first of all "a_new_user" is created in LDAP and gets his
unique "uidNumber" attribute, then he is assigned a RID. In cases (1-2)
the final digits of the RID are assigned according to the value of the
SambaDomainName=domain_name sambaNextRid attribute, but in case (3) the
final part of new RID is (uidNumber*2)+1000.

I tried the latest Samba version, it's behaviour is the same as in
3.0.23d. Are there ways to make the modes of assigning RIDs the same for
smbpasswd and for RPC calls (AFAIK, usrmgr.exe applies RPC calls)? If
so, how can I choose the mode of assigning the new RID?


More information about the samba mailing list